295 lines
7.5 KiB
Text
295 lines
7.5 KiB
Text
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
|
<html>
|
|
|
|
<?php
|
|
require_once ("include/election-sql.php");
|
|
|
|
$max_step = 4;
|
|
|
|
if (!isset ($_POST["step"])) {
|
|
$step = 1;
|
|
} else {
|
|
$step = $_POST["step"];
|
|
}
|
|
|
|
if ($step > $max_step || $step < 1) {
|
|
$step = 1;
|
|
}
|
|
|
|
$result = "";
|
|
$error = "";
|
|
|
|
$handle = elec_sql_open ();
|
|
if ($handle === FALSE) {
|
|
$error .= "Can not open the database.<br />\n";
|
|
$step = 0;
|
|
}
|
|
|
|
$election_id = -1;
|
|
if ($step == 1) {
|
|
if (isset ($_GET["election_id"]) && is_numeric ($_GET["election_id"]))
|
|
$election_id = $_GET["election_id"];
|
|
} else if ($step >= 1) {
|
|
if (isset ($_POST["election_id"]) && is_numeric ($_POST["election_id"]))
|
|
$election_id = $_POST["election_id"];
|
|
}
|
|
|
|
if ($election_id == -1) {
|
|
$error .= "Please choose an election/referendum on this <a href=\"./\">list</a>.<br />\n";
|
|
$step = 0;
|
|
} else {
|
|
$election = elec_get_election ($handle, $election_id);
|
|
if ($election === FALSE) {
|
|
$error .= "The specified election/referendum does not exist.<br />\n";
|
|
$step = 0;
|
|
} else if (!elec_election_is_current ($election)) {
|
|
$error .= "The voting period for the specified ".htmlspecialchars(elec_election_get_type ($election))." starts on ".htmlspecialchars($election["voting_start"])." (UTC) and ends on ".htmlspecialchars($election["voting_end"])." (UTC). It is not possible to vote now.<br />\n";
|
|
$step = 0;
|
|
}
|
|
}
|
|
|
|
|
|
if ($step > 1) {
|
|
$email = "";
|
|
$tmp_token = "";
|
|
if (isset ($_POST["email"]) && isset ($_POST["tmp_token"])) {
|
|
$email = $_POST["email"];
|
|
$tmp_token = $_POST["tmp_token"];
|
|
}
|
|
|
|
if (!elec_verify_email_tmp_token ($handle, $election_id, $email, $tmp_token)) {
|
|
$step = 1;
|
|
$error .= "The e-mail address and token you gave do not match an existing voter, or you have already voted.<br />\n";
|
|
} else {
|
|
|
|
$choices = elec_choices_get ($handle, $election_id);
|
|
|
|
if (!elec_verify_elections ($choices)) {
|
|
$error .= "The ".htmlspecialchars(elec_election_get_type ($election))." is not properly set up.\n";
|
|
$step = 0;
|
|
}
|
|
|
|
}
|
|
}
|
|
?>
|
|
<head>
|
|
<link rel="stylesheet" type="text/css" href="vote.css" />
|
|
<?php
|
|
if ($step==2)
|
|
{
|
|
?>
|
|
<style>
|
|
.canddata, .prefdata{
|
|
width:30%;
|
|
height: <?php echo 1.8*count($choices); ?>em;
|
|
background: #E0FFD0;
|
|
}
|
|
|
|
|
|
.canddata ul{
|
|
list-style-type: none;
|
|
list-style-position: inside;
|
|
}
|
|
.prefdata ol{
|
|
list-style-position: outside;
|
|
}
|
|
|
|
.canddata ul li:hover, .prefdata ol li:hover{
|
|
background: #E0E0E0;
|
|
cursor: pointer;
|
|
}
|
|
</style>
|
|
<?php
|
|
}
|
|
?>
|
|
<title>The GNOME Foundation - Votes</title>
|
|
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
|
|
|
|
<?php
|
|
|
|
function escape_js_var($var) {
|
|
$var = preg_replace("([\\\'\"\/])", "\\$1", $var);
|
|
$var = str_replace("\n", "\\n", $var);
|
|
$var = str_replace("\r", "\\r", $var);
|
|
|
|
return $var;
|
|
}
|
|
|
|
if ($step==2)
|
|
{
|
|
?>
|
|
<script type="text/javascript">
|
|
//<![CDATA[
|
|
function addPreference(listItem)
|
|
{
|
|
var preferenceList = document.getElementById('preferences');
|
|
listItem.parentNode.removeChild(listItem);
|
|
preferenceList.appendChild(listItem);
|
|
listItem.setAttribute('onclick', 'removePreference(this)');
|
|
}
|
|
function removePreference(listItem)
|
|
{
|
|
var candidateList = document.getElementById('candidates');
|
|
listItem.parentNode.removeChild(listItem);
|
|
candidateList.appendChild(listItem);
|
|
listItem.setAttribute('onclick', 'addPreference(this)');
|
|
}
|
|
|
|
function populateList(){
|
|
var candidateList = document.getElementById('candidates');
|
|
var listItem;
|
|
var prefInput;
|
|
var listItemText;
|
|
|
|
<?php
|
|
$index=0;
|
|
foreach ($choices as $choice) {
|
|
$index++;
|
|
echo " listItem = document.createElement('li');\n";
|
|
echo " listItem.setAttribute('name', 'vote" . escape_js_var($choice["id"]) . "');\n";
|
|
echo " listItem.setAttribute('onclick', 'addPreference(this)');\n";
|
|
echo " listItemText = document.createTextNode('" . escape_js_var($choice["choice"]) . "');\n";
|
|
echo " listItem.appendChild(listItemText);\n";
|
|
echo " candidateList.appendChild(listItem);\n\n";
|
|
|
|
echo " prefInput = document.createElement('input');\n";
|
|
echo " prefInput.value = '';\n";
|
|
echo " prefInput.name = 'pref$index';\n";
|
|
echo " prefInput.id = 'pref$index';\n";
|
|
echo " prefInput.type = 'hidden';\n";
|
|
echo " document.forms[0].appendChild(prefInput);\n";
|
|
echo "\n";
|
|
}
|
|
?>
|
|
|
|
}
|
|
|
|
function submitPreferences() {
|
|
// Traverse OL, get name & position of preferences, and for each preference,
|
|
// set value of hidden input with name prefN to value voteM before submitting
|
|
var preferenceList = document.getElementById('preferences');
|
|
var pref;
|
|
var i = 0;
|
|
var index = 0;
|
|
|
|
// Iterate through the list
|
|
for( i = 0; i < preferenceList.childNodes.length; i++ )
|
|
{
|
|
node = preferenceList.childNodes[i];
|
|
// If we have a list item, get its name & set the appropriate hidden input
|
|
if (node.nodeName.toLowerCase() == 'li')
|
|
{
|
|
index++;
|
|
pref=document.getElementById('pref'+index)
|
|
pref.value = node.getAttribute('name');
|
|
// DEBUG: alert(pref.name + '=' + pref.value);
|
|
}
|
|
}
|
|
}
|
|
|
|
//]]>
|
|
</script>
|
|
<?php
|
|
}
|
|
?>
|
|
</head>
|
|
|
|
<?php
|
|
if ($step==2){
|
|
?>
|
|
<body onLoad="populateList()">
|
|
<?php
|
|
} else {
|
|
?>
|
|
<body>
|
|
<?php
|
|
}
|
|
?>
|
|
|
|
<?php
|
|
|
|
|
|
if (isset ($election) && $election !== FALSE) {
|
|
echo "<h1>".htmlspecialchars($election["name"])."</h1>\n";
|
|
}
|
|
|
|
if ($step >= 2) {
|
|
$votes_array = elec_vote_get_votes_from_post ($choices);
|
|
$vote = -1;
|
|
|
|
$res = elec_verify_vote_is_valid ($choices, $vote, $votes_array);
|
|
|
|
if ($res != "") {
|
|
$error .= "The vote you made is not valid: ".htmlspecialchars($res)."<br />\n";
|
|
$step = 2;
|
|
}
|
|
}
|
|
|
|
if ($step == 4) {
|
|
/* vote has been confirmed */
|
|
require ("include/step4-commit.php");
|
|
|
|
$result = step4_do ();
|
|
} else if ($step == 3) {
|
|
/* confirm vote */
|
|
require ("include/step3-confirm.php");
|
|
|
|
$result = step3_do ();
|
|
} else if ($step == 2) {
|
|
/* choose vote */
|
|
require ("include/step2-choose.php");
|
|
|
|
$result = step2_do ();
|
|
} else if ($step == 1) {
|
|
/* login */
|
|
require ("include/step1-login.php");
|
|
|
|
$result = step1_do ();
|
|
} else {
|
|
if (!isset ($error) || $error == "")
|
|
$error = "Unknown error.<br />\n";
|
|
}
|
|
|
|
if (isset ($handle))
|
|
elec_sql_close ($handle);
|
|
|
|
if (isset ($error) && $error != "") {
|
|
echo "<div class=\"error\">".$error."</div>\n";;
|
|
echo "<p>If you don't understand the error, you should probably contact the Membership and Elections Committee, which can be reached at <a href=\"mailto:elections@gnome.org\">elections@gnome.org</a>.</p>\n";
|
|
}
|
|
|
|
if ($step != $max_step && $step >= 1) {
|
|
echo "<form action=\"".htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES)."\" method=\"post\"";
|
|
if ($step == 2) {
|
|
echo " onsubmit=\"submitPreferences()\"";
|
|
}
|
|
echo ">\n";
|
|
}
|
|
|
|
echo $result; // already HTML escaped
|
|
|
|
if ($step != $max_step && $step >= 1) {
|
|
if ($step > 1) {
|
|
echo " <input type=\"hidden\" name=\"email\" value=\"". htmlspecialchars($email)."\" />\n";
|
|
echo " <input type=\"hidden\" name=\"tmp_token\" value=\"".htmlspecialchars($tmp_token)."\" />\n";
|
|
}
|
|
if ($step > 2) {
|
|
$index=0;
|
|
|
|
foreach ($votes_array as $vote) {
|
|
$index++;
|
|
$name = "pref".$index;
|
|
$value = "vote".$vote;
|
|
|
|
echo " <input type=\"hidden\" name=\"".htmlspecialchars($name)."\" value=\"".htmlspecialchars($value)."\" />\n";
|
|
}
|
|
}
|
|
echo " <input type=\"hidden\" name=\"election_id\" value=\"".htmlspecialchars($election_id)."\" />\n";
|
|
echo " <input type=\"hidden\" name=\"step\" value=\"".htmlspecialchars($step + 1)."\" />\n";
|
|
echo " <input type=\"submit\" value=\"Continue to next step\" />\n";
|
|
echo "</form>\n";
|
|
}
|
|
?>
|
|
</body>
|
|
</html>
|
|
|